Remarks 

[0001] Herein, the "Action" or "Office Action" refers to the non-final 
Office Action date January 5, 2007. 

[0002] Applicant respectfully requests reconsideration and allowance 
of all pending claims of the application. Claims 1-6, 10-15, 18-21, and 23- 
29 are presently pending. Claims amended herein are 1, 12-13, 18-19, 23- 
24, and 28. Claims withdrawn or canceled herein are claims 7-9, 16, 17, 
22, and 30-31. New claims added herein are None. 

Formal Request for an Interview 

[0003] If the Office's reply to this communication is anything other 
than allowance of all pending claims, then Applicant formally requests an 
interview with the Examiner of this patent application. I encourage the 
Examiner to contact me— the undersigned attorney for the Applicant— to 
schedule a date and time for a telephone interview that is most convenient 
for both of us. Please email me at chrisf(a)leehaves.com . Should you 
contact me by email, please copy my assistant Carly Taylor 



f carly(g)leehayes.coiTO as well. While email works great for me, I welcome 

you to call either of us as well. 
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Substantive Ciaim Rejections 
35 U.S.C. §101 Claim Rejections 

[0004] Claims 12, 18, 23, and 28-31 are rejected under 35 U.S.C. 101 
as being directed to non-statutory subject matter {Off ice Action p.2). The 
Office indicates that the term "computer readable medium" in the 
specification includes modulated data, such as carrier waves, and that 
forms of energy don not fall within a statutory category {Off ice Action p.2). 
Appropriate correction has been made herein. More specifically, the claims 
have been amended to recite that the computer-readable media include at 
least one tangible component. 

35 USC S 102 Claim Rejections 

[0005] Claims 1-9, 11-18, and 28 are rejected under 35 U.S.C. 
§102(b) as being anticipated by U.S. Patent Application Publication No. 
2002/0049806 to Gatz et al. (hereinafter, "Gatz") {Off ice Action p. 3). 

[0006] Applicant respectfully traverses the rejections, and requests 
reconsideration and allowance in light of the comments and amendments 
contained herein. Accordingly, Applicant requests that the rejections be 
withdrawn and that the case be passed along to issuance. 
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Summary of Gatz 

[0007] Gatz describes an account based access control system which 
allows a parent to establish a parental account and a child account, and 
then use the parental account to control the access their child has to 
information provided over the internet {Gatz [0014]). More specifically, 
Gatz describes that in the account based server system 202, an access 
server 214 controls the use of services {Gatz [0014]). Gatz describes that 
the server system 202 includes access server 214 which is coupled to user 
account database 220 and content database 222, and that the access 
server 214 responds to a user 212 request for access {Gatz [0044] and 
Fig.2). 

[0008] The user account database 220 stores and provides access to 
data in a data structure as show in Fig. 3 of Gatz. The user account 
database 220 stores a large number of records 57 in a table data structure 
associated with a family account identifier 52, parent identifier 54 for each 
parent, and child identifier 56 for each child {Gatz [0049] and Fig.3). Gatz 
describes that before establishing an account for her child, the parent 
must first establish a parent account {Gatz [0060] [0062] [0065]). After 
creating the parent account, the parent can add a child account and the 
child's access to the internet via this account can be limited {Gatz 
[0066][0068]). 
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[0009] Claim 1 recites a method comprising: 



communicating a parental identity to an authentication 
server for verification; 

receiving a relationship ticket from the authentication 
server when the parental identity has been successfully 
verified, wherein the relationship ticket received from the 
authentication server is encrypted so that the relationship 
ticket cannot be decrypted by a client device which receives 
the relationship ticket, and wherein the relationship ticket 
includes the parental identity and identifies a child who's 
access to a Web server is to be limited; 

generating a request to establish a selected permission 
level for the child which will limit the child's access to the Web 
server; 

sending the request and the relationship ticket to the 
Web server for decryption of the relationship ticket, 
authentication of the parental identity, and establishment of 
the selected permission ievel for the child; and 

receiving a success code from the Web server if the 
selected permission level is established for the child. 



[0010] In order for Gatz to anticipate this claim, Applicant submits 
that Gatz must disclose each and every element and feature of the claim 
and that they must be arranged in the same manner as the claim. 
Applicant respectfully submits that Gatz does not disclose all of the claimed 
elements and features of claim 1. For example, Gatz does not show or 
disclose a client "receiving a relationship ticket from the authentication 
server when the parental identity has been successfully verified" and that 
"the relationship ticket received from the authentication server is 
encrypted so that the relationship ticket cannot be decrypted by a client 
device which receives the relationship ticket" and that "the relationship 
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ticket includes the parental identity and identifies a child who's access to a 
Web server is to be limited" as recited in claim 1. 

[0011] With regard to obtaining a relationship ticket, the Office cites 
generally to several different sections of Gatz {Office Action, p.3; Gatz, 
Abstract, H[0015], and Figs. 3-4). However, the cited sections of Gatz do 
not describe receiving a relationship ticket (from the authentication server) 
when the parental identity has been successfully verified. For example, 
Figs. 3 & 4 do not show or disclose receiving a relationship ticket from the 
authentication server when the parental identity has been successfully 
verified, but instead simply show the structure of data stored in the user 
account database 220 of the account-based system 202 which is described 
in Gatz {Gatz [0049] and [0057]). In fact, Gatz says nothing about 
"receiving a relationship ticket from the authentication server when the 
parental identity has been successfully verified", as recited in claim 1. 

[0012] Further, even if the relational data structure (e.g., Fig. 3) of 
Gatz were considered to be a relationship ticket, Gatz also does not show 
or disclose that "the relationship ticket received from the authentication 
server is encrypted so that the relationship ticket cannot be decrypted by a 
client device which receives the relationship ticket", as recited in claim 1. 

[0013] Regarding encryption, the Office indicates that Gatz discloses 
that "...the user might select to verify account control requirements 92 
over a secure network connection using, for example, SSL (Secure Socket 
Layer)...", and that a person of ordinary skill in the art would know that 
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SSL uses a cryptographic system that uses two keys to encrypt data 
{Office Action p A; Gatz [0062]). 

[0014] Applicant acknowledges that SSL is a protocol for transmitting 
private documents via the Internet, and that SSL uses two keys to encrypt 
data: (1) a public key known to everyone, and (2) a private key known 
only to the recipient of the message. However, claim 1 recites that "the 
relationship ticket received from the authentication server is encrypted so 
that the relationship ticket cannot be decrypted by a client device which 
receives the relationship ticket". In contrast, according to the SSL 
protocol, the recipient of the message has a private key to decrypt the 
message. Accordingly, Gatz also does not show or disclose that "the 
relationship ticket received from the authentication server is encrypted so 
that the relationship ticket cannot be decrypted bv a client device which 
receives the relationship ticket " as recited in claim 1 (emphasis added). 

[0015] Further, Gatz does not show or disclose that "the relationship 
ticket includes the parental identity and identifies a child who's access to a 
Web server is to be limited" as recited in claim 1. Although Gatz shows a 
relational data structure stored in the user account database 220, Gatz 
says nothing about a "relationship ticket includes the parental identity and 
identifies a child who's access to a Web server is to be limited" as recited 
in claim 1 {Gatz, [0049][0057], and Fig.3). 

[0016] Further, Gatz does not show or disclose "sending the request 
and the relationship ticket to the Web server for decryption of the 
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relationship ticket, authentication of the parental identity, and 
establishment of the selected permission level for the child" as recited in 
claim 1. 

[0017] Further, Gatz does not show or disclose "receiving a success 
code from the Web server if the selected permission level is established for 
the child" as recited in claim 1. The Office cites to paragraph [0070] of 
Gatz as disclosing this element of claim 1. Instead, the cited paragraph 
simply describes that the parent can change a child's account password, 
and when the password for the child account has been chanced, the 
access system 202 will send the affected child account an email 
confirmation that the password has been changed {Gatz [0070]). 

[0018] Accordingly, claim 1 is allowable over Gatz for at least these 
reasons, and Applicant respectfully requests that the §102 rejection be 
withdrawn. 

[0019] Claims 2-6, 9, 11, and 12 are allowable by virtue of their 
dependency upon claim 1 (either directly or indirectly). Additionally, some 
or all of claims 2-6, 9, 11, and 12 may be allowable over Gatz for 
independent reasons. 
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[0020] Claim 13 recites a method comprising: 



communicating a employer identity to an authentication 
server for verification; 

receiving a relationship ticket from the authentication 
server when the employer identity has been successfully 
verified, wherein the relationship ticket received from the 
authentication server is encrypted so that the relationship 
ticket cannot be decrypted by a client device which receives 
the relationship ticket, and wherein the relationship ticket 
includes the employer identity and identifies an employee 
who's access to a Web server is to be limited; 

generating a request to establish a selected permission 
level for the employee which wili limit the employee's access 
to the Web server; 

sending the request and the relationship ticket to the 
Web server for decryption of the relationship ticket, 
authentication of the employer identity, and establishment of 
the selected permission level for the employee; and 

receiving a success code from the Web server if the 
selected permission level is established for the employee. 



[0021] In order for Gatz to anticipate this claim, Applicant submits 
that Gatz must disclose each and every element and feature of the claim 
and that they must be arranged in the same manner as the claim. 
Applicant respectfully submits that based on reasoning similar to that 
discussed above in response to the rejection of claim 1, Gatz does not 
disclose all of the claimed elements and features of claim 13. For the sake 
of brevity, Applicant has not repeated the arguments. 
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[0022] Accordingly, claim 13 is allowable over Gatz for at least these 
reasons, and Applicant respectfully requests that the §102 rejection be 
withdrawn. 



[0023] Claims 14, 15, and 18 are allowable by virtue of their 
dependency upon claim 13 (either directly or indirectly). Additionally, 
some or all of claims 14, 15, and 18 may be allowable over Gatz for 
independent reasons. 



[0024] Claim 28 recites one or more computer-readable media 
having stored thereon a computer program that, when executed by one or 
more processors, causes the one or more processors to: 

select a permission level associated with an associate's 
access to a Web server; 

obtain a relationship ticket from an authentication 
server, wherein the relationship ticket obtained from the 
authentication server is encrypted and includes information 
regarding a manager's identity and information regarding an 
identity of an associate who's access to the Web server is to 
be limited; 

generate a request to establish a selected permission 
level for the associate which will limit the associate's access to 
the Web server; 

send the request and the relationship ticket to the Web 
server via an unsecure communication link for decryption of 
the relationship ticket, authentication of the manager's 
identity, and establishment of the selected permission level for 
the associate; and 

receive a success code from the Web server if the 
requested permission level is established for the associate. 
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[0025] In order for Gatz to anticipate this claim, Applicant submits 
that Gatz must disclose each and every element and feature of the claim 
and that they must be arranged in the same manner as the claim, 
Applicant respectfully submits that based on reasoning similar to that 
discussed above in response to the rejection of claim 1, Gatz does not 
disclose all of the claimed elements and features of claim 28. For the sake 
of brevity, Applicant has not repeated the arguments. 

[0026] Accordingly, claim 28 is allowable over Gatz for at least these 
reasons, and Applicant respectfully requests that the §102 rejection be 
withdrawn. 

35 USC 6 103 Claim Reiections 

[0027] Claim 10 is rejected under 35 U.S.C. § 103(a) as being obvious 
over Gatz in view Examiner's Official Notice (hereinafter, "Notice") (Office 
Act/on, p. 9). 

[0028] Claims 19-27 and 29 are rejected under 35 U.S.C. §103(a) as 
being obvious over Gatz in view of U.S. Patent No. 7,085,937 to Rezvani et 
al. (hereinafter, "Rezvani") (Office Act/on, p. 9). 

[0029] Applicant respectfully traverses each of the §103 rejections, 
and requests reconsideration and allowance in light of the comments and 
amendments contained herein. 
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[0030] Claim 19 recites a method comprising: 



identifying a modified permission level associated with a 
user's access to a Web service; 

receiving a relationship ticket from an authentication 
server when a manager's identity has been successfully 
verified, wherein the relationship ticket received from the 
authentication server is encrypted so that the relationship 
ticket cannot be decrypted by a client device which receives 
the relationship ticket, and wherein the relationship ticket 
includes the manager's identity and identifies a user who's 
access to a Web service is to be modified; 

generating a request to modify a selected permission 
level for the user which controls the user's access to the Web 
service; 

sending the request and the relationship ticket to the 
Web service via an unsecure connection for decryption of the 
relationship ticket, authentication of the manager's identity, 
and modification of the selected permission level for the user; 
and 

receiving a success code from the Web service if the 
modified permission level is established for the user. 



[0031] The Office cites to Rezvani as disclosing encrypting data in an 
unsecure connection and relies on Gatz as disclosing all other features of 
claim 19 (Office Action p. 10; Rezvani Abstact). However, Gatz and/or 
Rezvani do not teach or suggest the combination of features recited in 
claim 19. 

[0032] Applicant acknowledges that Rezvani discloses encrypting data 
in an unsecure connection. However, Applicant respectfully submits that 
based on reasoning similar to that discussed above in response to the 
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anticipation rejection of claim 1, Gatz does not disclose all of the remaining 
claimed elements and features of claim 19. For the sake of brevity, 
Applicant has not repeated the arguments. 

[0033] Accordingly, claim 19 is allowable over Gatz-Rezvani 
combination for at least these reasons, and Applicant respectfully requests 
that the §103 rejection be withdrawn. 

[0034] Claims 20-23 are allowable over the Gatz-Rezvani 
combination by virtue of their dependency upon claim 19 (either directly or 
indirectly). Additionally, some or all of claims 20-23 may be allowable over 
the Gatz-Rezvani combination for independent reasons. 



[0035] Claim 24 recites apparatus comprising: 

an interface to receive requests to establish Web access 
permissions and relationship tickets via an unsecure 
communication link, wherein the relationship ticket received is 
encrypted and includes information regarding a manager 
identity and information regarding an identity if an associate 
who's Web access permissions are to be controlled; 

a storage device to store manager-associate 
relationship information for use in authenticating the manager 
identity; and 

a processor coupled to the interface and the storage 
device, the processor to receive the relationship ticket from a 
client device and decrypt the relationship ticket, the processor 
further to authenticate the relationship ticket and establish the 
requested Web access permissions if the relationship ticket is 
authenticated. 
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[0036] The Office cites to Rezvani as disclosing encrypting data in an 
unsecure connection and relies on Gatz as disclosing all other features of 
claim 24 {Office Action, p. 12; Rezvani, Abstact). However, Gatz and/or 
Rezvani do not teach or suggest the combination of features recited in 
claim 24. 

[0037] Applicant acknowledges that Rezvani discloses 
encrypting/decrypting in an unsecure connection. However, Applicant 
respectfully submits that based on reasoning similar to that discussed 
above in response to the anticipation rejection of claim 1, Gatz does not 
disclose all of the remaining claimed elements and features of claim 24. 
For the sake of brevity, Applicant has not repeated the arguments. 

[0038] Accordingly, claim 24 is allowable over Gatz-Rezvani 
combination for at least these reasons, and Applicant respectfully requests 
that the §103 rejection be withdrawn. 

[0039] Claims 25-27 are allowable over the Gatz-Rezvani 
combination by virtue of their dependency upon claim 24 (either directly or 
indirectly). Additionally, some or all of claims 25-27 may be allowable over 
the Gatz-Rezvani combination for independent reasons. 

[0040] Claims 10 and 29 : The Applicant notes that neither claim 
10 or 29 are independent claims, and that claim 10 depends from claim 2 
and that claim 29 depends from claim 28. Applicant further notes that it is 
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axiomatic that any dependent claims which depend from an allowable base 
claim are also allowable, and therefore the Applicant does not believe that 
it is necessary to present arguments in favor of claims 10 and 29, as these 
claims should be allowable for at least the reasons discussed above in 
response to rejection of their respective base claims, as well as for their 
own recited features which are neither shown nor supported by the cited 
references. Further, Applicant notes that Notice fails to cure the 
deficiencies described above with respect to Gatz, and the §102 rejections 
of claim 1, and that Rezvani fails to cure the deficiencies described above 
with respect to Gatz, and the §102 rejections of claim 28. 

[0041] Accordingly, Applicant requests that the §103 rejection be 
withdrawn and that claims 10 and 29 be allowed in the next Action. 

Dependent Claims 

[0042] In addition to its own merits, each dependent ciaim is 
allowable for the same reasons that its base claim is allowable. Applicant 
submits that the Office withdraw the rejection of each dependent claim 
where its base claim is allowable. 
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Conclusion 



[0043] All pending claims are in condition for allowance. Applicant 
respectfully requests reconsideration and prompt issuance of the 
application. If any issues remain that prevent issuance of this application, 
the Office is urged to contact the undersigned attorney before issuing a 
subsequent Action. 



Respectfully Submitted, 



Dated: 





(509) 324-9256 x249 
chrisftaieehayes.com 
www.leehaves.com 



Christen M. Fairborn 
Reg. No. 55,164 
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